if (is_numeric($_REQUEST["staff_id"])) {
$staff_id = $_REQUEST["staff_id"];
} else {
print _("Perhaps you have come here by a funny path?");
exit;
}
/// Create our record
$record = new Staff($staff_id);
// Generate form box
$password_box = $record->outputPasswordForm();
$staff_name = $record->getFullName();
// See if a password has been submitted
if (isset($_POST['action']) && $_POST['action'] == 'password') {
if ($_POST["password"] != "") {
if ($record->correctPassword($_POST['password'])) {
$pass_result = $record->updatePassword($_POST["password"]);
if ($pass_result == TRUE) {
$feedback = "<div class=\"box\">" . _("Password updated. Close this box to continue.") . "</div>";
$password_box = "";
} else {
$feedback = "<div class=\"box\">" . _("There was a problem. Contact the admin.") . "</div>";
}
} else {
$feedback = "<div class=\"box\">" . _("Password must have at least one letter, one number, one special character, and be at least 6 characters long.") . "</div>";
}
} else {
$feedback = "<div class=\"box\">" . _("You cannot leave the password box blank. Close this window if you don't want to change the password.") . "</div>";
}
}
print "<div id=\"maincontent\">\n<h2 class=\"bw_head\">" . _("Update Password for ") . " {$staff_name}</h2>";
print $feedback;
$lstrMessage = "Hello {$lobjStaff->getFullName()},\n\nHere is the link to reset your password. Link only works for three days. {$BaseURL}control/forgotpassword.php?id={$lobjStaff->getRecordID()}&code={$lstrCode}";
mail($lobjStaff->getEmail(), 'Reset password for SubjectsPlus', $lstrMessage, "From: {$administrator_email}");
$introtext = "<p align=\"center\" style=\"clear: both;\" class=\"smaller\"><br /><strong>" . _("An email has been sent to reset your password. Please click the link in the email and follow the instructions.") . "</strong></p>";
}
} else {
$lobjStaff = new Staff();
$introtext = "<p align=\"center\" style=\"clear: both;\" class=\"smaller\"><br />" . _("Please enter your <strong>email</strong> so we can email you a link to reset your password.") . "</p>";
$lstrForm = $lobjStaff->outputEmailForm();
}
} else {
$_SESSION['staff_id'] = $_GET['id'];
$lobjStaff = new Staff($_GET['id']);
if (isset($_POST['password'])) {
if ($lobjStaff->correctPassword($_POST['password'])) {
if ($_POST['password'] == $_POST['password_confirm']) {
$lobjStaff->updatePassword(trim($_POST['password']));
$introtext = "<p align=\"center\" style=\"clear: both;\" class=\"smaller\"><br />" . _("Password has been updated.") . "</p>";
$introtext .= '<br><p align="center"><a href="login.php">Login</a></p>';
} else {
$introtext = "<p align=\"center\" style=\"clear: both;\" class=\"smaller\"><br /><span style=\"background-color:yellow;\">" . _("Passwords did not match.") . "</span><br />" . _("Please enter your new password.") . "<br /><strong>" . _("Password must have at least one letter, one number, one special character, and be at least 6 characters long.") . "</strong></p>";
$lstrForm = $lobjStaff->outputResetPasswordForm();
}
} else {
$introtext = "<p align=\"center\" style=\"clear: both;\" class=\"smaller\"><br /><span style=\"background-color:yellow;\">" . _("Password doesn't meet requirements.") . "</span><br />" . _("Please enter your new password.") . "<br /><strong>" . _("Password must have at least one letter, one number, one special character, and be at least 6 characters long.") . "</strong></p>";
$lstrForm = $lobjStaff->outputResetPasswordForm();
}
} else {
//create a DateTime object that defaults to today's date
$lobjTodayDate = new DateTime();
//clone Today's Date object because without clone, the object will pass by reference
$lobjTodayMinusOne = clone $lobjTodayDate;
